iSharkFly-Docs
/
java-tutorials
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #15308 from GaetanoPiazzolla/java-27656-websecurity2 

JAVA-27656 | spring-boot-modules fix
This commit is contained in:
Alvin Austria 2023-11-28 23:55:26 +01:00 committed by GitHub
parent b11a85adb1 4151b9ce70
commit 206823457b
4 changed files with 41 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
spring-boot-modules/spring-boot-libraries/src/main/java/com/baeldung/caffeine/SecurityConfiguration.java
View File

@ -1,9 +1,10 @@
package com.baeldung.caffeine; package com.baeldung.caffeine;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.web.SecurityFilterChain;
/** /**
* Because the POM imports Spring Security, we need a simple security * Because the POM imports Spring Security, we need a simple security
@ -11,14 +12,14 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
*/ */
@Configuration @Configuration
@EnableWebSecurity @EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter { public class SecurityConfiguration {
@Override @Bean
protected void configure(HttpSecurity http) throws Exception { public SecurityFilterChain securityFilter(HttpSecurity http) throws Exception {
http.csrf().disable(); http.csrf().disable();
http.authorizeRequests() return http.authorizeRequests()
.antMatchers("/**") .antMatchers("/**")
.permitAll(); .permitAll().and().build();
} }
} }

14
spring-boot-modules/spring-boot-runtime/src/main/java/com/baeldung/spring/boot/management/logging/SecurityConfig.java
View File

@ -1,14 +1,16 @@
package com.baeldung.spring.boot.management.logging; package com.baeldung.spring.boot.management.logging;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.web.SecurityFilterChain;
@Configuration @Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter { public class SecurityConfig {
@Override @Bean
protected void configure(HttpSecurity http) throws Exception { public SecurityFilterChain securityFilter(HttpSecurity http) throws Exception {
http.csrf() return http.csrf()
.ignoringAntMatchers("/actuator/**"); .ignoringAntMatchers("/actuator/**").and()
.build();
} }
} }

12
spring-cloud-modules/spring-cloud-openfeign/src/main/java/com/baeldung/cloud/openfeign/oauthfeign/OAuth2WebSecurityConfigurerAdapter.java
View File

@ -1,19 +1,23 @@
package com.baeldung.cloud.openfeign.oauthfeign; package com.baeldung.cloud.openfeign.oauthfeign;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.web.SecurityFilterChain;
@Configuration @Configuration
public class OAuth2WebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter { public class OAuth2WebSecurityConfigurerAdapter {
@Override @Bean
protected void configure(HttpSecurity http) throws Exception { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http http
.csrf() .csrf()
.disable() .disable()
.oauth2Client(); .oauth2Client();
http http
.authorizeRequests().anyRequest().permitAll(); .authorizeRequests().anyRequest().permitAll();
return http.build();
} }
} }

41
spring-web-modules/spring-thymeleaf/src/main/java/com/baeldung/thymeleaf/config/WebMVCSecurity.java
View File

@ -2,42 +2,37 @@ package com.baeldung.thymeleaf.config;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;
@Configuration @Configuration
@EnableWebSecurity @EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true) @EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true)
public class WebMVCSecurity extends WebSecurityConfigurerAdapter { public class WebMVCSecurity {
@Bean @Bean
@Override public InMemoryUserDetailsManager userDetailsService() {
public AuthenticationManager authenticationManagerBean() throws Exception { UserDetails user = User.withUsername("user1")
return super.authenticationManagerBean(); .password("{noop}user1Pass")
.authorities("USER")
.build();
return new InMemoryUserDetailsManager(user);
} }
public WebMVCSecurity() { @Bean
super(); public WebSecurityCustomizer webSecurityCustomizer() {
return (web) -> web.ignoring().antMatchers("/resources/**");
} }
@Override @Bean
protected void configure(final AuthenticationManagerBuilder auth) throws Exception { public SecurityFilterChain filterChain(final HttpSecurity http) throws Exception {
auth.inMemoryAuthentication().withUser("user1").password("{noop}user1Pass").authorities("ROLE_USER"); return http.authorizeRequests().anyRequest().authenticated().and().httpBasic().and().build();
}
@Override
public void configure(final WebSecurity web) throws Exception {
web.ignoring().antMatchers("/resources/**");
}
@Override
protected void configure(final HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().authenticated().and().httpBasic();
} }
} }